I'm delighted to see that someone's writing an OTP encryption plugin. I've always had the idea of doing one but I'm a .NET/Mono guy, plus I can't be assed with GTK.
Here are some ideas:
If that's possible, inject an info bar between the message box and the input box, that displays various information and warnings. Like how many messages are left based on remaining entropy and average message length. Warn if the key data isn't pure anymore (see below).
Add the option to remix key data when the users are about to run out. The idea is that you should be able to bridge the time between additional pure key data exchanges.
My idea was to reserve a certain amount of key data (e.g. the last 32KB) to use this to have one party initiate a remix by sending a block of random data and a remixer function. If a party initiates a remix, it grabs 30KB of /dev/urandom, encrypts it with the remaining existing key data and tells the other party to pause messaging until data's remixed.
The remixing process I had in mind is XORing the existing data using the 30KB (or more) new data in a round robin fashion. Additionally, a random remixer function should be agreed on and used, to mutate the output data (things like reverse bit order on a byte, switch the even bits with the odd bits, funky mathematics that are determinate (since you want both parties to have the same key data), and so on).
The infobar, if implemented, should tell the users that the key data isn't pure anymore, after it has been remixed. Ideally, the plugin also tracks the amount of remixes and indicates it.
Thanks for considering these.
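
The remix procedure described in the comment above, as an added sketch that is not part of the original post or of the plugin's code. The function names, the one-byte remixer ids, the choice to remix the whole pad body, and the choice to drop the reserved tail after use are assumptions made for illustration.

```python
import os

RESERVED = 32 * 1024      # tail of the pad held back for remixing (figure from the post)
REMIX_BLOCK = 30 * 1024   # fresh random data per remix (figure from the post)

def reverse_bits(b):
    """Reverse the bit order of one byte."""
    return int(f"{b:08b}"[::-1], 2)

def swap_even_odd(b):
    """Swap each even-position bit with its odd-position neighbour."""
    return ((b & 0xAA) >> 1) | ((b & 0x55) << 1)

# Hypothetical one-byte ids for the remixer functions both parties support.
REMIXERS = {0: reverse_bits, 1: swap_even_odd}

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def build_remix_message(pad, remixer_id, fresh=None):
    """Initiator: pick fresh data and encrypt id + data under the reserved tail."""
    fresh = os.urandom(REMIX_BLOCK) if fresh is None else fresh
    payload = bytes([remixer_id]) + fresh
    assert len(payload) <= RESERVED, "reserved tail too short for this payload"
    return fresh, xor(payload, pad[-RESERVED:])

def open_remix_message(pad, message):
    """Responder: decrypt with the same reserved tail."""
    payload = xor(message, pad[-RESERVED:])
    return payload[0], payload[1:]

def remix(pad, fresh, remixer_id):
    """XOR the pad body with fresh data round robin, then apply the remixer.
    Assumption: the reserved tail is dropped, since it has now been used once."""
    mutate = REMIXERS[remixer_id]
    body = pad[:-RESERVED]
    return bytes(mutate(k ^ fresh[i % len(fresh)]) for i, k in enumerate(body))

if __name__ == "__main__":
    pad = os.urandom(256 * 1024)              # constructed stand-in for shared key data
    fresh, msg = build_remix_message(pad, 1)  # initiator side
    rid, received = open_remix_message(pad, msg)  # responder side
    assert remix(pad, fresh, 1) == remix(pad, received, rid)
    print("both parties hold identical remixed key data;", "remixes: 1")
```

However long the pad body is, the remixed data contains at most 30KB of new randomness, which is the condition the info bar would need to track alongside the remix count.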